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DETAILED ACTION 

1 . This office action is in response to Applicant's amendment filed on July 29, 2005. 
Claims 1, 3, 5, 6, 8, 10, 12-14, 16 and 18-19 have been amended. Claims 2, 9, and 15 
are cancelled. Claims 1, 3-8, 10-14 and 16-20 are pending. 

Oath/Declaration 

2. The objection to the Oath in the first office action is withdrawn. 

Response to Arguments 

3. Applicant's arguments filled July 29, 2005 have been considered but are moot in 
view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1.56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

5. Claims 1, 3-8, 10-14 and 16-20 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Win et al. (hereinafter Win) United States Letter Patent Number 
6,182,142 in view of Urano et al. (hereinafter Urano) United States Letter Patent 
Number 6,202,158. 
As per claims 1 and 14: 

Win teaches a method of managing invalid password attempts, said method 
comprising: 

receiving a message corresponding to a failed login attempt from a computer 
system, wherein the message includes a distinguished name; (Col. 10, lines 26-38) 

calculating a total failed login attempt number corresponding to the distinguished 
name; (Col. 10, lines 39-41) 

identifying a failed login attempt allowed number; (Col. 10, lines 46-48) 

determining whether the total failed login attempt number is greater than the 
failed login attempt allowed number; (Col. 10, lines 38-41) and 
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revoking a password corresponding to the distinguished name based upon 
determining that the total failed login attempt number is greater than the failed login 
attempt allowed number. (Col. 10, lines 41-43) 

In addition. Win discloses a distributed architecture where components may be 
moved to different servers and replicated on multiple servers to handle increasing 
number of users. Multiple servers increase system performance by reducing login 
transaction times and increase system reliability by redundancy and increased 
availability. (Col. 25, lines 7-16) 

Win does not explicitly disclose receiving a message corresponding to a failed 
login attempt from one of plurality of computer systems that receives user login request 
and summation of failed login attempts corresponding to distinguished name that are 
received from the plurality of computer systems. 

Urano in analogous art, however, disclose receiving a message corresponding to 
a failed login attempt from one of plurality of computer systems that receives user login 
request and summation of failed login attempts corresponding to distinguished name 
that are received from the plurality of computer systems. (Col. 3, lines 38-44; Col. 4, 
lines 53-59; Col. 1 1 , lines 4-1 9 and lines 44-50) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the device disclosed by Win to include 
receiving a message corresponding to a failed login attempt from one of plurality of 
computer systems that receives user login request and summation of failed login 
attempts corresponding to distinguished name that are received from the plurality of 
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computer systems. This modification would have been obvious because a person 
having ordinary skill in the art would have been motivated to do so, as suggested by, 
Urano (Col. 2, lines 48-51) in order to detect the number of computer terminals when 
log-in operation are performed from a plurality of computer terminals by using identical 
user identification information. 
As per claims 3, 10 and 16: 

Win and Urano teach all the subject matter as discussed above. In addition, Win 
further discloses a method comprising: 

establishing a secure connection with the computer system that sent the 
message; (Col. 3, lines 7-1 1 ; Col. 4, lines 60-61 ; Col. 6, lines 1 5-1 6) and 

verifying a digital certificate corresponding to the computer system that sent the 
message, wherein the digital certificate is included in the message. (Col. 6, lines 8-10; 
Col. 18, lines 6-8; Col. 20, lines 31-33; Col. 23, lines 16-19) 
As per claims 4, 1 1 and 1 7: 

Win and Urano teach all the subject matter as discussed above. In addition, Win 
further discloses a method wherein the determining comprises: 

configuring parameters, wherein the parameters include a login tracking period; 
(Col. 9, lines 34-37; Col. 10, lines 6-12 and lines 19-22) 

storing a record in a failed login data store, the record including the distinguished 
name and a timestamp corresponding to a time the message was received; (Col. 10, 
lines 32-38 and lines 46-49; Col. 12, lines 46-48) and 
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removing one or more records from the failed login data store in response to one 
or more corresponding timestamps being older than the tracking period. (Col. 10, lines 
41-43; Col. 20, lines1-2) 
As per claims 5, 7, 12, 18 and 20: 

Win and Urano teach all the subject matter as discussed above. In addition. Win 
further discloses a method wherein the revoking further includes: 

preparing a password revocation message, the password revocation message 
identifying the distinguished name; (Col. 10, lines 2-4) and 

sending the password revocation message to one or more login servers, wherein 
the login servers include the computer system. (Col. 10, lines 4-5) 
As per claims 6, 13 and 19: 

Win teaches all the subject matter as discussed above. In addition, Win further 
discloses a method comprising: 

establishing a secure connection to each of the login servers; (Col. 3, lines 7-11; 
Col. 4, lines 60-61; Col. 6, lines 15-16) and 

including a digital signature identifying a sending computer system in the 
password revocation message. (Col. 6, lines 8-10; Col. 18, lines 6-8; Col. 20, lines 31- 
33; Col. 23, lines 16-19) 
As per claim 8: 

Win teaches an information handling system comprising: 

one or more processors; (Figure 9, item 904) 

a memory accessible by the processors; (Figure 9, item 906) 
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one or more nonvolatile storage devices accessible by the processors; (Figure 9, 
item 908) 

a password managing tool to process invalid password attempts, the password 
managing tool including: 

means for receiving a message from a computer system, wherein the message 
includes a distinguished name; (Col. 10, lines 26-38) 

means for calculating a total failed login attempt number corresponding to the 
distinguished name; (Col. 10, lines 39-41) 

means for identifying a failed login attempt allowed number; (Col. 10, lines 46-48) 

means for determining whether the total failed login attempt number is greater 
than the failed login attempt allowed number; (Col. 10, lines 38-41) and 

means for revoking a password corresponding to the distinguished name based 
on the determination. (Col. 10, lines 41-43) 

In addition. Win discloses a distributed architecture where components may be 
moved to different servers and replicated on multiple servers to handle increasing 
number of users. Multiple servers increase system performance by reducing login 
transaction times and increase system reliability by redundancy and increased 
availability. (Col. 25, lines 7-16) 

Win does not explicitly disclose receiving a message corresponding to a failed 
login attempt from one of plurality of computer systems that receives user login request 
and summation of failed login attempts corresponding to distinguished name that are 
received from the plurality of computer systems. 
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Urano in analogous art, however, discloses receiving a message corresponding 
to a failed login attempt from one of plurality of computer systems that receives user 
login request and summation of failed login attempts corresponding to distinguished 
name that are received from the plurality of computer systems. (Col. 3, lines 38-44; Col. 
4, lines 53-59; Col. 1 1 , lines 4-1 9 and lines 44-50) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the device disclosed by Win to include 
receiving a message corresponding to a failed login attempt from one of plurality of 
computer systems that receives user login request and summation of failed login 
attempts corresponding to distinguished name that are received from the plurality of 
computer systems. This modification would have been obvious because a person 
having ordinary skill in the art would have been motivated to do so, as suggested by, 
Urano (Col. 2, lines 48-51) in order to detect the number of computer terminals when 
log-in operation are performed from a plurality of computer terminals by using identical 
user identification information. 

Conclusion 

6. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See Form PTO-892. 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 
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A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shewaye Gelagay whose telephone number is 571-272- 
4219. The examiner can normally be reached on 8:00 am to 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Albert Decady can be reached on 571-272-3819. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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